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>] 0b67f9ea21b6f01 5fae0e744588aa2a4f3 704001 5486d47c 760b3a0b936fe2bc Q ay 880 Sigh In 
1 (1) One engine detected this file . 
155 
Ob6 7fSea2 1 bSf01 SfaeVe/44588BaaZa4i37040e154 2 
a CSA 11.17 MB 2016-02-26 04:01:50 UTC Og | 
86d47c760bSa0b936fe2bc Owe 
Size 3 years ago CXF 
Bilmessage%o20v0.1.0.exe 
Casnmuruty Ovethay Peare Vitisice 
DETECTION DETAILS RELATIONS BEHAVIOR COMMUNITY 
Basic Properties 
MD5 BYcbi4afO2e0efS318b 15697 ca5a7edi 
SHA-1 8Baas6Scf64c62epb80adddaS49607a2780e1015 
SHA-256 Ob67iGeaz 1 b6i0 1 5faeQe744556aa2a4/37040e 15486047 c760b3a0bS36le2be 
Authentihash 886590d10629e3e20f4eGde 7 14299e82a'9165adb50323aa777214e0a55134ed2 
Imphash acbc&{751f4e19c096f01 1!686320533 
SSDEEP 196608 .B/PF3TOMGujiPqzqgMS4 1 Ny7p05rD/IKEIntSBcCoHwmM+4PyQbJ{SEe8HeCwl: V99WmPqzadxy 7purjxXiow5 HObJISEs! 
File type Win32 EXE 
Magic PE3Z executable for MS Windows (GUI) Intel 80386 32-bit 
File size 11.17 MB (11717483 bytes) 
History 
Creation Time 2042-05-25 09:26 27 
First Submission 2015-04-30 08:39 29 
Last Submission 2016-02-26 04:07 50 
Last Analysis 2016-02-26 04:01 50 
Names | 
Bitmessage%20v0.1.0.exe 
Portable Executable Info 
Header 
Target Machine Intel 386 or later processors and compatidle processors 
Compilation Timestamp 2012-05-25 09:25:27 
Entry Point 37809 
Contained Sections 5 
Sections 
Name Virtual Address Virtual Size Raw Size Entropy MD5 
text 4096 7183 77312 6.62 1bfa456795c6dbfcdbbc63e3dc957e75 
data 815920 25770 26112 6.4 658d3ff39563037d876c7e24bcbb38ab 
data 110592 12680 4608 2.06 36 afS65c4 109a8011597{02H24d3e40 
Ise 126976 SO5660 195984 4,75 4cc4ebef2a 1!4ca 1 daf49dd5cd0 11492 


reloc 230572 9214 5632 5.04 83ac9504937 90ec68f?7 081 369a27c03e 
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ort poo 
0b67f9ea21b6f01 5fae0e744588aa2a4f37040015486d47c760b3a0b936fe2be OQ A sso) Sign in 
+ KERNEL32.dll 


+ USER32.dll 


+ WS2 324 


Contained Resources By Type 


RT ICON 7 
RT GROUP_ICON 2 


Contained Resources By Language 


NEUTRAL 9 


Contained Resources 


SHA-256 File Type Type Language 
feeSadsfod0Se2806 /hebe29Z2 145ce53207568ac61... dala RT_ICON NEUTRAL 
bSidad/2zfed4cf7e83/d837382bc8b3cck oro? data RT_ICON NEUTRAL 
Sccb1SaZza2 idabddaSc?S rT egensd2catedbebs 7640, dala RT ICON NEUTRAL 
ce64001 Sb9bb626d /64302b9acdescddc3/7S9ce969... dala mT ICON NEUTRAL 
aa’ /Sebbosdd5ee4ect4d9aa4iots4adidiari3aib. dala RT_ICON NEUTRAL 
coS36b396beGbdcic96f4e4i7fecf0O?b?asb/30ee57... dala RT ICON NEUTRAL 
acze25dc4a4f/bd9balbciiteaticd ibcl2babibalsea dala RT ICON NEUTRAL 
f4764d209673399ab/ S524 3 dashabessolccoasel... dala RT _ GROUP_ICON NEUTRAL 
fab9o4a42iic/ fcSeefS858aldid6564 19feaG00b0C 318... data RT_GROUP_ICON NEUTRAL 


ExifTool File Metadata 


CodeSize 
EntryPcint 
FileType 
FileTypeExlension 
ImageVersion 
InitiahzedDataSize 
LinkerVersion 
MIME Type 
MachineType 
OSVersion 
PEType 
Subsystem 
Subsystem Version 
TimeStamp 
UninitalizedDatasize 


732 

Ox93b1 

Wing2 EXE 

exe 

0.0 

142336 

10.6 

applicationioctet-siream 

Intel 386 or later, and compatibles 
re 

PES2 

Windows GUI 

5.4 

2012:05:25 16:26:27 +0100 
0) 
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>] 0b67f9ea21b6f01 5fae0e744588aa2a4f37040e1 5486d47c 760b3a0b93G6fe2bc Q ah 850 Sign in 
VirusTotal Community Tools Premium Services Documentation 
Contact Us Join Community API Scripts intelligence Get Started 
How It Works Vote and Comment YARA Hunting Searching 
Terms of Service Contributors Desktop Apps Graph Reports 
Privacy Policy Top Users Browser Extensions API API 


Blog Latest Comments Mobile App Mon:tor Use Cases 


